CVE-2010-20007 Seagull FTP v3.3 Build 409 Stack Buffer Overflow
Seagull FTP Client = v3.3 Build 409 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long filename, the application fails to properly...
Cisco Firepower Management Center < 6.6.7.1 - Authenticated Remote Code Execute Exploit
Exploit Title: Cisco Firepower Management Center Exploit Author: Abdualhadi khalifa Version: 6.2.3.18", "6.4.0.16", "6.6.7.1 CVE : CVE-2023-20048 import requests import json set the variables for the URL, username, and password for the FMC web services interface fmcurl = "https://fmc.example.com"...
Zoo Management System 1.0 - Unauthenticated Remote Code Execute Vulnerability
Exploit Title: Zoo Management System 1.0 - Unauthenticated RCE Exploit Author: Çağatay Ceyhan Vendor Homepage: https://www.sourcecodester.com/php/15347/zoo-management-system-source-code-php-mysql-database.html Software Link:...
Wondercms 4.3.2 - XSS to Remote Code Execute Exploit
Author: prodigiousMind Exploit: Wondercms 4.3.2 XSS to RCE import sys import requests import os import bs4 if lensys.argv4: print"usage: python3 exploit.py loginURL IPAddress Port\nexample: python3 exploit.py http://localhost/wondercms/loginURL 192.168.29.165 5252" else: data = ''' var url =...
rabbitmq-connector plugin module in Apache EventMesh platforms allows attackers to send controlled message
CWE-502 Deserialization of Untrusted Data at the rabbitmq-connector plugin module in Apache EventMesh incubating V1.7.0\V1.8.0 on windows\linux\mac os e.g. platforms allows attackers to send controlled message and remote code execute via rabbitmq messages. Users can use the code under the master...
CVE-2023-26512
CWE-502 Deserialization of Untrusted Data at the rabbitmq-connector plugin module in Apache EventMesh incubating V1.7.0\V1.8.0 on windows\linux\mac os e.g. platforms allows attackers to send controlled message and remote code execute via rabbitmq messages. Users can use the code under the master...
Deserialization of untrusted data
CWE-502 Deserialization of Untrusted Data at the rabbitmq-connector plugin module in Apache EventMesh incubating V1.7.0\V1.8.0 on windows\linux\mac os e.g. platforms allows attackers to send controlled message and remote code execute via rabbitmq messages. Users can use the code under the master...
SQL Injection in dolibarr/dolibarr
Description The searchusers parameter does not sanitise and escape the option parameter before using it in a SQL statement, which could lead to SQL injection. Proof of Concept Slow query example: POST /dolibarr-14.0.5/htdocs/compta/sociales/list.php HTTP/1.1 Content-Type:...
SQL Injection in pimcore/pimcore
Description The storeId parameter does not sanitise and escape the option parameter before using it in a SQL statement, which could lead to SQL injection. Proof of Concept 1. Add items to Classification Store: Key definition, Group,... 2. Injection boolean base:...
Movie Rating System 1.0 - SQL injection to Remote Code Execute (Unauthenticated) Exploit
Exploit Title: Movie Rating System 1.0 - SQLi to RCE Unauthenticated Exploit Author: Tagoletta Tağmaç Software Link: https://www.sourcecodester.com/php/15104/sentiment-based-movie-rating-system-using-phpoop-free-source-code.html Version: 1.0 Tested on: Ubuntu This exploit only works correctly if...
SQL Injection in ampache/ampache
Description The application does not validate and escape the client parameter before using it in a SQL statement at getbookmark function in Repository/Model/Bookmark.php file, leading to a SQL Injection The function named getbookmark which called by in 3 functions: bookmarkcreate, bookmarkedit an...
SQL Injection in ampache/ampache
Description The application does not validate and escape the type parameter before using it in a SQL statement in Model/Tag.php, leading to a SQL Injection Proof of Concept Time delay: GET /browse.php?action=tag&type=0%27orifnow=sysdate,sleep3,0or%27 HTTP/1.1 Host: demo.ampache.dev sec-ch-ua:...
CVE-2021-31649
In applications using jfinal 4.9.08 and below, there is a deserialization vulnerability when using redis, may be vulnerable to remote code execute...
SQL Injection in s-cart/core
✍️ Description Searching keyword in /scadmin/currency is vulnerable to SQL injection. This will allow a user to run arbitrary SQL queries and completely delete, edit, export or change all information in the database - potentially rendering the entire platform unusable. Proof of Concept Login...
Flash 0-Day In The Wild: Group 123 At The Controls
This blog post is authored by Warren Mercer and Paul Rascagneres. Executive Summary The 1st of February, Adobe published an advisory concerning a Flash vulnerability CVE-2018-4878. This vulnerability is a use after free that allows Remote Code Execute through a malformed Flash object. Additionall...
COMTREND ADSL Router CT-5367 - Remote Code Execution
COMTREND ADSL Router CT-5367 - Remote Code Execution. Remote exploit for Hardware platform Exploit Title: Globalnet COMTREND ADSL Router CT-5367 Remote Code Execute Date: 11-12-2017 Exploit Author: TnMch Software Link : null Type : HardWare Risk of use : High Type to use : Remote 1. Description A...
Firefox browser.downloads addon Remote Code Execute (PoC) Vulnerability
Exploit for multiple platform in category dos / poc CVE-2017-7821 "browser.downloads addon feature may be used for RCE" Steps: 1. Go to 'about:debugging' 2. Unpack attached PoC somewhere 3. Back in 'about:debugging' choose 'Load temp addon' and choose the poc 4. jar file is automatically download...
Security Advisory - BroadPwn Remote Code Execute Vulnerability
Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue. Successful exploit of this vulnerability could allow an attacker to remotely execute arbitrary code on affected devices. Vulnerability ID: HWPSIRT-2017-07072 This...
PHP 5.6 GMP unserialize() Use-After-Free
Use After Free Vulnerability in unserialize with GMP Taoguang Chen - Write Date: 2015.8.17 - Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with GMP object's deserialization that can be abused for leaking arbitrary memory blocks or execute arbitrary code...